[apparmor] [PATCH] Fix transition table resize padding
John Johansen
john.johansen at canonical.com
Tue Jul 13 15:23:32 BST 2010
On 07/13/2010 07:17 AM, Kees Cook wrote:
> On Mon, Jul 12, 2010 at 02:16:41PM -0700, John Johansen wrote:
>> This is the sser space fix for launchpad.net/busgs/599450
>>
>> It changes the table resizing so that there is always sufficient
>> high entries in the table, preventing bounds violations from
>> occurring.
>>
>> Previously the resize allocation was always based on the character
>> set range for a state, which could be more or less than actually
>> required, and packing would waste some space when over allocation
>> was done.
>>
>> As a result this patch in general results in slightly smaller
>> transition tables even though it enforcing the minimum required
>> padding to avoid bounds violations.
>
> Again, not entirely obvious, and the 256 vs 255 counting is a little
> strange, but if this works, then it's an obvious ACK.
>
The 256 is because in the !x case the whole range of the character
falls outside the current table hence we need 256 more entries to cover
the full range.
The 255 in the x case is because the x fits in. We then use that to
figure what how much we overflow by. We could change the math to
256 - 1 to be explicit but I would prefer just keeping 255 and adding
a comment to each case
More information about the AppArmor
mailing list